Island Health College logo


Training in natural therapies

Privacy Policy

Our Privacy Policy aims to explain and inform the general guidelines in relation to privacy for all staff, students and clients of Student clinical practice. The policy aims to protect and provide privacy and quality assurance for all people who are involved with the College.


Governing over this policy: The Australian Privacy Principals replaces the National Privacy Principles and information Privacy Principles and applies to organisation, and Australian Government (and Norfolk Island Government) agencies. This took effect from March 2014.

There are 13 Australian Privacy Principles of the Privacy Amendment Act 2012, which amends the Privacy Act 1988.

The College handles personal information in relation to staff, students, and clinical practice clients.

  • Personal information is any information or opinion about you that identifies you or by which your identity can be reasonably established such as name, marital status, physical appearance, personal address, phone number and date of birth etc.
  • Sensitive information relates to individuals’ racial or ethnic origin, political, religious, philosophical beliefs of affiliations, sexual preferences/practices, criminal records and medical history – past, present and future.

Such information may only be collected with the individual’s knowledge and consent and will be treated with utmost respect and confidentiality.

The College does not provide personal information to external parties for marketing purposes.

Website and online presence

Our website is securely hosted in Australia by Webmistress. When you visit this website traffic information is logged which includes your IP address, date and time, type of web browser, and pages accessed. Logs are processed by our website provider for security, performance, and troubleshooting purposes, are stored in a secure environment, and are deleted within one month. Your connection to this website,, is encrypted and protected using Secure Sockets Layer (SSL). Other than the traffic logs mentioned, no personal information is gathered on this website.

This website includes links to external websites. We have no responsibility for the privacy policies of external websites.

Island Health College has a presence on Facebook. Your use of third party sites is subject to their respective policies. If you send us personal information through a messaging service such as Facebook Messenger, we will only use the information for the purpose for which you provided it.

Collection and information

Island Health College – IHC will only collect personal and sensitive information that is necessary by lawful and fair means and will inform the individual as far as practicable when and how this information can be accessed.

What personal information do we collect:

  • Name
  • Mailing and or street address
  • Email address
  • Telephone contact number
  • Age and / or birth date
  • Sensitive information such as your country of birth
  • Next of Kin contact details
  • Gender
  • Language and cultural diversity
  • Preferred learning style/s
  • Disability (if any)
  • Education and prior achievement
  • Employment status
  • Reason for study
  • Evidence of identity (if required)
  • USI (Unique Student Identifier) number. (refer Island Health College Unique Student Identifier USI information sheet for students.)
  • The services you have enquired about, together with any additional information necessary to deliver those services and to respond to enquiries.

Other information we collect.

  • Clinical Practice client information: name, contact phone number and email address.
  • Client email address is maintained only if the client has authorized IHC to contact them by email.
  • Client information is maintained for one year only to provide students with information relevant to their studies. After one year the client information is shredded or destroyed.
  • At no times is client information to be removed from Island Health College premises in any form.

The College does not provide personal information to external parties for marketing purposes.

Storage of information

Personal information will be managed confidentially, secured at all times and destroyed when appropriate in a secure and professional manner.

  • Records Management
  • Hardcopy of students files, current or archived, are stored in filing cabinet, in student number order.
  • Administration office, when closed is only accessible by keyed access.
  • Student files are to be retained securely for 30 year.
  • Under no circumstances may student files be removed form administration.
  • No information from student files is to be released to any third parties without written consent of the student in question.
  • A student/staff member may request access to their records. This will be done with supervision and under no circumstances are records to be removed from the Administration office.
  • A student/staff member requiring copies of any documents on file must allow for up to ten workings days for the information to be provided. A copy off of 20c per page will apply.

Disclosure of information

IHC will only disclose personal and sensitive information when required by law, with the consent of the individual to do so where practicable, for the purpose for which the information was collected, or under other circumstances where permitted under the act.

Unauthorized disclosure of, or access to, personal information by our employees, contractors or students will be taken seriously and appropriate action (disciplinary or legal) may be taken.

Australian Privacy Principles (APPs)

Australian Privacy Principle 1 – Open and transparent management of personal information

For students, private information may be collected when speaking with Administration and when filling out the enrolment form. This may include name, date of birth, contact details such as residential address, postal address, phone number, email and educational background.

For staff, private information may be collected when speaking with the Manager, submitting paperwork relevant to ‘Standards for Registered Training Organisations’ (RTOs 2015.)

For clinic clients, this information may be collected when speaking with a clinic student or administration directly but only with clients knowledge and approval.

The College is required to obtain data for government reporting.

Government reporting requires such information as whom the participant is, where they study or work and what they study. This includes:

  • Age, sex and other demographic information
  • Indigenous and disability information
  • Geographic location
  • Location of training
  • Units of competency as part of a qualification.
  • Study type – distance, classroom.
  • Results/outcomes of unit/modules
  • Educational background.

When collecting personal information the College will inform the individual of the following:

  • College RTO number and name
  • How the individual may obtain access to their personal files
  • Purpose for which we collect information
  • To whom we disclose the information

Individuals are informed if photos are to be taken and their approval sought.

Australian Privacy Principle 2 – Anonymity and pseudonymity

The provision of personal information is with consent from student, staff and clinic client.

The College will provide individuals with enquiries regarding our courses without the need for the individual to identify themselves, however the College may not be able to provide certain information about products and services without the individual correct personal information.

Australian Privacy Principle 3 – Collection of solicited personal information

All information collected by the College is to enable the College to provide a high quality of service to students, staff, and clients.

The collection of information is with the individual’s prior consent to enable the College to provide the expected services.

The collection of information is only collected from that individual.

The College may collect sensitive personal information (as defined in the Privacy Act 1988) but only with the individuals consent. Sensitive information in regard to health issues may be collected with the consent of the individual.

Australian Privacy Principle 4 – Dealing with unsolicited information

In the case of the College receiving information regarding an individual which was not requested and the information was not directly from that individual the College will determine if that information could have been obtained from as per Privacy Principle 3.

In the instance where the College determines that it could not have collected the personal information the College will destroy the said information.

Australian Privacy Principle 5 – Notification of the collection of personal information

At or before the time or, if that is not practicable, as soon as practicable after, the College collects personal information about an individual, the College must take such steps (if any) are reasonable in the circumstances to inform the individual of the following:

  • The identification of the College and the contact details
  • The identity of the individual the information was collected from if not the individual themselves.
  • Purpose the information was collected.
  • If the collection of the personal information is required or authorized by or under an Australian law or a court/tribunal order – the fact that the collection is required or authorized (including the name of the Australian law, or details of the court/tribunal order, that requires or authorizes the collection).
  • Consequences, if any, for the individual if they do not provide personal information as requested
  • To whom the personal information will be disclosed.
  • How an individual may complain about a breach of the Australian Privacy Principles and how it will be dealt with

Australian Privacy Principle 6 – Use or disclosure of personal information

The College ensures personal information about an individual that the College collects may not be used or disclosed unless the individual has consented to disclosure.

The ‘primary’ purpose for collection is made clear

If information is used for ‘secondary’ purposes it must relate to the primary purpose of collection and where the individual would reasonably expect the College to use or disclose the information.

Australian Privacy Principle 7 – Direct Marketing

The College will not use or disclose personal information from an individual for the purpose of direct marketing unless we have their consent.

The individual may elect to not receive direct marking from the College and we will comply.

Australian Privacy Principle 8 – Cross-border disclosure of personal information

The College will only transfer personal information about an individual to someone (other than within the College) who is in a foreign country the College reasonably believes that the recipient is subject to a law, or binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the Australian Privacy Principles.

The individual consents to the disclosure.

The information is requested by an Australian law or a court/tribunal order.

The information is requested by the individual for contractual purposes.

Australian Privacy Principle 9 – Adoption, use or disclosure of government related identifiers

The College does not adopt or disclose a government related identifier of an individual as its own identifier of the individual unless it is required or authorized by or under an Australian law or a court/tribunal order unless.

  • The identifier is reasonable necessary to verify the identity of the individual for the purposes of the organisation’s activities.
  • The identifier is prescribed by the regulations
  • The organisation is prescribed by the regulations, or is included in a class of organisation prescribed by the regulations
  • The adoption, use of disclosure occurs in the circumstances prescribed by the regulations.
  • The use or disclosure of the identifier is reasonably necessary for the College to fulfil its obligations to a State or Territory authority or is required or authorized by or under an Australian law of court/tribunal order.

The College assigns an identifier number to an individual for the purposes of the organisation’s operations only. The College does not assign an identifier for any individual that has been assigned by an Agency.

Australian Privacy Principle 10 – quality of personal information.

The College will take all reasonable steps to ensure that the personal information that the College collect is accurate, up to date and complete.

These include but are not limited to verification of personal information during interview.

Ensuring currency of email address, mailing address, phone number

Australian Privacy Principle 11 – security of personal information

The College has implemented steps to ensure personal information is safeguarded and protected to restrict misuse, loss, unauthorized access modification or disclosure.

  • An Individual information is secured by hard copy in a filing room with limited access which is only accessible to administration personnel.
  • Confidential information is stored nightly in a locked area of the building.
  • Data is archived.
  • Scanned individual results with a separate back up in place
  • Physical server with back up facility in place.

Australian Privacy Principle 12 – access to personal information

Access by an individual to their personal file is granted subject to identification of the individual.

The individuals file cannot be removed from Administration.

Australian Privacy Principle 13 – Correction of personal information

Where the College holds personal information about an individual and the College is satisfied that, having regard to a purpose for which the information is held is inaccurate, out of date, incomplete, irrelevant or the individual requests the College to correct the information;

The College will take reasonable steps to correct the information to ensure that, having regard to the purpose of which it is held, the information is accurate, up to date, complete, relevant and not misleading.

Contact us

If you wish to access or correct personal information we hold about you, or have any questions about our privacy policy, please contact:

Address: 300 Argyle Street, North Hobart, Tas 7000
Postal: PO Box 507, North Hobart, Tas 7002
Phone: (03) 6236 9011

Home | Copyright | Privacy | Site map | Site credits | Contact us